
CISCO new commands

GENERAL
 #security passwords min-length (number)
 #service password-encryption
 #username Gorbi secret cisco
 #exec-timeout (minutes seconds)
 #no service password-encryption
 #security authentication failure rate 5 log
 R1(config-line)# exec-timeout (minutes) (seconds)
 #privilege exec level 5 debug
#enable secret level 5 cisco
 #show login failures

R1#conf term
R1(config)# aaa new-model
R1(config)#end
R1#enable view
password:
R1# config terminal
R1(config)#parser view HELPDESK
R1(config-view)#secret 0 cisco
R1(config-view)#commands exec include ping
R1(config-view)#commands exec include traceroute
.
.
.
R1# enable view HELPDESK
Password:
R1#?
Exec commands:
  copy        Copy from one file to another
  enable      Turn on privileged commands
  exit        Exit from the EXEC
  ping        Send echo messages
  show        Show running system information
  traceroute  Trace route to destination
R1(config)#parser view Master superview
R1(config-view)#secret cisco
R1(config-view)#view HELPDESK

This creates a superview that includes the commands of the HELPDESK view.

 #secure boot-image
 #secure boot-config (stores the running)
 #show secure bootset
 #secure boot-config restore [filename]

#login block-for 30 attempts 10 within 20
#login quiet-mode access-class 101
#login delay 2 (seconds)
#login on-failure log every
#login on-success log every
R1#show login

 #banner motd $bla bla bla$



R1#conf term
R1(config)# ip domain-name R1
R1(config)#crypto key generate rsa general-keys modulus 1024
R1#show crypto key mypubkey rsa
R1# config terminal
R1(config)# username gorbi secret cisco
R1(config)#line vty 0 4
R1(config-line)# login local
R1(config-line)# transport input ssh
R1(config-line)#exit
R1(config)# ip ssh ver 2
R1(config)# ip ssh time-out 60
R1(config)# ip ssh authentication-retries 2
R1# show ip ssh
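
The login, password and SSH settings listed so far can be checked against a saved running-config. The Python script below is an added example, not part of the original sheet; the sample configuration, the function names and the finding texts are constructed for illustration.

```python
import re

# Constructed sample running-config (not from the page) with deliberate gaps.
SAMPLE_CONFIG = """\
service password-encryption
security passwords min-length 10
username gorbi secret 5 $1$constructed$placeholderhash
username oldadmin password 0 cisco
ip ssh version 1
login block-for 30 attempts 10 within 20
line vty 0 4
 exec-timeout 0 0
 transport input telnet ssh
"""

# Global commands from the sheet, in the form 'show running-config' prints them.
REQUIRED = {
    "service password-encryption": r"^service password-encryption$",
    "security passwords min-length": r"^security passwords min-length \d+$",
    "login block-for": r"^login block-for \d+ attempts \d+ within \d+$",
    "ip ssh version 2": r"^ip ssh version 2$",
}

def vty_blocks(config):
    """Return {header: [sub-commands]} for each 'line vty' section."""
    blocks, current = {}, None
    for line in config.splitlines():
        if line.startswith("line vty"):
            current = blocks.setdefault(line.strip(), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None
    return blocks

def audit(config):
    """Return a list of findings; an empty list means every check passed."""
    findings = [f"missing: {name}" for name, pattern in REQUIRED.items()
                if not re.search(pattern, config, re.MULTILINE)]
    for m in re.finditer(r"^username (\S+) password\b", config, re.MULTILINE):
        findings.append(f"username {m.group(1)}: 'password' used instead of 'secret'")
    for header, body in vty_blocks(config).items():
        if "transport input ssh" not in body:
            findings.append(f"{header}: transport input is not SSH-only")
        if "exec-timeout 0 0" in body:
            findings.append(f"{header}: exec-timeout is disabled")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONFIG)))
```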


PASSWORD RECOVERY
1. #show version
Configuration register is 0x2102
2. Use the power switch to power cycle the router
3. Issue the break sequence within 60 seconds of power up to put the router into ROMmon
4. Rommon 1> confreg 0x2142
5. Rommon2> prompt
6. No to setup questions
7. >enable
8. #copy startup-config running-config
9. #show run
 No service password-recovery
System Logging
1. #logging host 10.0.0.254
2. #logging trap (0-7)
3. #logging source-interface loopback 0
4. #logging on
 R1#clock set 10:25:00 MAY 2 1983
NTP SETUP
1. NTPserver# conf term
2. NTPserver(config)# ntp master 1
3. NTPserver(config)# ntp authenticate
4. NTPserver(config)# ntp authentication-key 1 md5 cisco2
5. NTPserver(config)# ntp trusted-key 1
6. NTPclient# conf term
7. NTPclient(config)# ntp server 10.0.0.1
8. NTPclient# show ntp status
 #auto secure ?
AAA setup
1. #username JR-Admin secret cisco
2. #username ADMIN secret cisco2
3. #aaa new-model
4. #aaa authentication login default local-case enable
5. #aaa authentication login TELNET-LOGIN local-case
6. #line vty 0 4
7. (config-line)# login authentication TELNET-LOGIN
8. (config-line)# exit
9. # aaa local authentication attempts max-fail 3
10. # do show aaa local user lockout
11. #do clear aaa local user lockout username gorbi
 #aaa authentication login default group radius
 #tacacs-server host [ip address of TACACS+ server]
 #tacacs-server key [key]
 #aaa authentication login default group tacacs+
 #radius-server host [ip address of the server]
 #radius-server key [key]
 #debug aaa authentication
 #debug radius
 #debug tacacs
 #
 #aaa authorization exec default group tacacs+ group radius
 #aaa authorization network group tacacs+
 #aaa accounting exec default start-stop group tacacs+
 #aaa accounting network default start-stop group tacacs+
